A. Encryption
The basis of conventional encryption typically involves the use of one or more “keys”. If a party knows the encryption key and the process used to encrypt the message, the message can be encrypted. If a party knows the decryption key and the process used to decrypt the message, the party can decrypt the message. Typically, within any given system, these processes remain static and only the keys change. For example, consider the famous “2001 Space Odyssey Code”: The computer's name is HAL, the HAL 9000. Many people regard that name as being an encrypted name. Why? Add one letter to each of the letters in the name “HAL”. H+1=I, A+1=B, and L+1=M. “IBM”. In this case the process of decryption is to add a key to each letter. The key used is the number 1. Similarly the process of encryption (to convert from “IBM” into “HAL”) would be to subtract the key from each letter. Here again, the key used is the number 1.
The above-described example of encryption is illustrated in FIG. 1. Of note, such encryption is known conventionally as “symmetric encryption” (where the same key is used to both encrypt and decrypt the message).
On the other hand, a different conventional process known as “asymmetric encryption” uses two keys. Under this system one key is used to encrypt the message and the other key, a different key, must be used to decrypt it. For this system to work, the two keys must, of course, be related; however, if the asymmetric encryption is to be effective the relationship between the two different keys cannot be obvious (i.e., knowing one key does not enable someone to automatically know the other key).
An important feature of such conventional asymmetric encryption is that either key can be used as the encryption key. Thus, if the initial “plain text” message is encrypted using Key #1, the encrypted text (“cipher text”) can only be decrypted (converted back into “plain text”) using Key#2. But if the plain text is encrypted using Key #2, the resulting cipher text can only be decrypted using Key #1. This relationship is illustrated in FIG. 2.
In addition, it is noted that conventional public key/private key technology is based upon asymmetric encryption. The concept is that each participant in the system has two keys. One key, the “private key”, is kept private, known to, or accessible by, only the individual key owner (i.e., the entity associated with the key). The other key, the “public key”, is considered public and is published to the world. The two keys work symmetrically. That is: (a) if a message is encrypted with an entity's public key, the message can only be decrypted with that entity's private key; and (b) if a message is encrypted with an entity's private key, the message can only be decrypted with that entity's public key.
When one is working with a conventional encryption mechanism there are certain important factors to note (because not all encryption is the same and not all public key/private key systems are the same). Some of the relevant issues are:
- The type of encryption being used—
  - Symmetric
  - Asymmetric
  - A Combination (Mixed Mode)—Some conventional systems use a randomly generated symmetric key to encrypt a message. They then use an asymmetric encryption process to encrypt the symmetric key, which is stored with the symmetrically encrypted message.
- The size of the keys—In general, the longer the encryption key, the more difficult it is to crack the encryption code.
- Who issues/generates the keys—Many implementations of conventional public key infrastructure (“PKI”) technology rely upon “trusted authorities” (i.e., third party PKI vendors) to generate and issue all of the keys. On the other hand, some systems rely upon the end-users themselves to generate their own keys (using software supplied by the system).
- Where and if the keys are stored—Some conventional systems store the public key/private key pairs within the computers being used by the system. Other systems generate the keys “on demand”, when they are required, and do not store them at all. Still other systems store the public keys electronically, but generate the private keys on demand.
B. Digital Signatures
Conventional digital signatures serve two important purposes: (a) non-repudiation (i.e., the “signer” of an electronic document cannot deny having signed it); and (b) tamper-proofing (i.e., the contents of the electronic document cannot be changed without invalidating the digital signature).
Conventional digital signature technology is based upon two component technologies: (a) the public key/private key concept; and (b) a hash function (a hash function is a complex mathematical function, or formula, that uses the numeric representation of a document's content [e.g., text] to produce a specific number, the “hash value” of a document; conventional hash functions have been formulated in such a manner as to render it relatively easy to produce a hash value of a text, but almost impossible to produce a text that will yield a predetermined hash value).
Unlike handwritten, or even “digitized signatures” (i.e., digital images of handwritten signatures), each digital signature is different for each electronic document signed. In one example, a conventional mechanism used to create a digital signature for a specific document involves producing the hash value for the document and then encrypting the hash value with the signer's private key. This process is illustrated in FIG. 3A.
A signature, however, is essentially without value unless it can be “verified”. Conventional digital signature verification confirms not only who signed the document but also that the document has not been changed in any way. The process of digital signature verification works as shown in FIG. 3B.
More particularly, to verify the signature using a conventional process, the verifier:
- Produces the hash value of the document.
- Decrypts the digital signature using the signer's public key, producing the signer's hash value. If the digital signature can be decrypted with the signer's public key, then the signature was signed with the signer's private key (which, presumably, only the signer possesses).
- Compares the hash values. If the two hash values match, the document has not been tampered with.
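The signing and verification steps described above, together with the earlier point that either key of an asymmetric pair can act as the encryption key, shown as an added example that is not part of the original text. It assumes textbook RSA without padding and a constructed toy key built from two well-known Mersenne primes, so it illustrates the flow only and is not a usable signature scheme; the function names are illustrative.

```python
import hashlib

# Constructed toy key (assumption for this example): two known Mersenne primes.
# Their special form makes them unsuitable for any real key.
P = 2**127 - 1
Q = 2**521 - 1
N = P * Q                           # modulus shared by both keys
E = 65537                           # public key exponent
D = pow(E, -1, (P - 1) * (Q - 1))   # private key exponent (Python 3.8+)


def apply_key(value: int, key: int) -> int:
    """Textbook RSA transform; the same operation is used with either key."""
    return pow(value, key, N)


def hash_value(document: bytes) -> int:
    """SHA-256 of the document as an integer (always smaller than N here)."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes) -> int:
    """Produce the hash value, then transform it with the private key."""
    return apply_key(hash_value(document), D)


def verify(document: bytes, signature: int) -> bool:
    """Recover the signer's hash with the public key and compare hashes."""
    signers_hash = apply_key(signature, E)
    return signers_hash == hash_value(document)


def either_key_round_trip(message: int) -> bool:
    """Encrypt with one key, decrypt with the other, in both directions."""
    public_then_private = apply_key(apply_key(message, E), D) == message
    private_then_public = apply_key(apply_key(message, D), E) == message
    return public_then_private and private_then_public


if __name__ == "__main__":
    doc = b"Pay Alice 100"              # constructed sample document
    sig = sign(doc)
    print("original verifies:", verify(doc, sig))
    print("altered document verifies:", verify(b"Pay Alice 900", sig))
    print("altered signature verifies:", verify(doc, sig + 1))
    print("either key encrypts:", either_key_round_trip(42))
```

Production systems use a padded scheme such as RSA-PSS from a vetted library rather than the raw transform shown here.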
C. Authentication
Finally, it is noted that authentication is the means whereby system users are identified. In other words, authentication is verification of identity. Conventionally, there are three distinct types of authentication that correspond to the three distinct situations when authentication is required:
- Registration Authentication (Enrollment)—When an entity is registered to use the system.
- External Authentication (System Access)—When an entity “logs in” (identifies his/her/itself) to use the system.
- Internal Authentication (Resource Access)—After an entity has identified his/her/itself to the system and attempts to use a system resource (e.g., run a program) or access information stored in the system (e.g., open a file).
Among those benefits and improvements that have been disclosed, other objects and advantages of this invention will become apparent from the following description taken in conjunction with the accompanying figures. The figures constitute a part of this specification and include illustrative embodiments of the present invention and illustrate various objects and features thereof.